citadel/user_ops.c

   1 /* needed to properly enable crypt() stuff on some systems */
   2 #define _XOPEN_SOURCE
   3 /* needed for str[n]casecmp() on some systems if the above is defined */
   4 #define _XOPEN_SOURCE_EXTENDED
   5
   6 #include <stdlib.h>
   7 #include <unistd.h>
   8 #include <stdio.h>
   9 #include <fcntl.h>
  10 #include <signal.h>
  11 #include <pwd.h>
  12 #include <sys/types.h>
  13 #include <sys/time.h>
  14 #include <string.h>
  15 #include <syslog.h>
  16 #include <pthread.h>
  17 #include "citadel.h"
  18 #include "server.h"
  19 #include "database.h"
  20 #include "user_ops.h"
  21 #include "sysdep_decls.h"
  22 #include "support.h"
  23 #include "room_ops.h"
  24 #include "logging.h"
  25 #include "file_ops.h"
  26 #include "control.h"
  27 #include "msgbase.h"
  28 #include "config.h"
  29 #include "dynloader.h"
  30
  31
  32 /*
  33  * getuser()  -  retrieve named user into supplied buffer.
  34  *               returns 0 on success
  35  */
  36 int getuser(struct usersupp *usbuf, char name[]) {
  37
  38         char lowercase_name[32];
  39         int a;
  40         struct cdbdata *cdbus;
  41
  42         bzero(usbuf, sizeof(struct usersupp));
  43         for (a=0; a<=strlen(name); ++a) {
  44                 lowercase_name[a] = tolower(name[a]);
  45                 }
  46
  47         cdbus = cdb_fetch(CDB_USERSUPP, lowercase_name, strlen(lowercase_name));
  48         if (cdbus == NULL) {
  49                 return(1);      /* user not found */
  50                 }
  51
  52         memcpy(usbuf, cdbus->ptr,
  53                 ( (cdbus->len > sizeof(struct usersupp)) ?
  54                 sizeof(struct usersupp) : cdbus->len) );
  55         cdb_free(cdbus);
  56         return(0);
  57         }
  58
  59
  60 /*
  61  * lgetuser()  -  same as getuser() but locks the record
  62  */
  63 int lgetuser(struct usersupp *usbuf, char *name)
  64 {
  65         int retcode;
  66
  67         retcode = getuser(usbuf,name);
  68         if (retcode == 0) {
  69                 begin_critical_section(S_USERSUPP);
  70                 }
  71         return(retcode);
  72         }
  73
  74
  75 /*
  76  * putuser()  -  write user buffer into the correct place on disk
  77  */
  78 void putuser(struct usersupp *usbuf, char *name)
  79 {
  80         char lowercase_name[32];
  81         int a;
  82
  83         for (a=0; a<=strlen(name); ++a) {
  84                 lowercase_name[a] = tolower(name[a]);
  85                 }
  86
  87         cdb_store(CDB_USERSUPP,
  88                 lowercase_name, strlen(lowercase_name),
  89                 usbuf, sizeof(struct usersupp));
  90
  91         }
  92
  93
  94 /*
  95  * lputuser()  -  same as putuser() but locks the record
  96  */
  97 void lputuser(struct usersupp *usbuf, char *name) {
  98         putuser(usbuf,name);
  99         end_critical_section(S_USERSUPP);
 100         }
 101
 102
 103 /*
 104  * Define a relationship between a user and a room
 105  */
 106 void CtdlSetRelationship(struct visit *newvisit,
 107                         struct usersupp *rel_user,
 108                         struct quickroom *rel_room) {
 109
 110         struct cdbdata *cdbvisit;
 111         struct visit *visits;
 112         int num_visits;
 113         int a;
 114         int replaced = 0;
 115
 116         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 117         if (cdbvisit != NULL) {
 118                 num_visits = cdbvisit->len / sizeof(struct visit);
 119                 visits = (struct visit *)
 120                         malloc(num_visits * sizeof(struct visit));
 121                 memcpy(visits, cdbvisit->ptr,
 122                         (num_visits * sizeof(struct visit)));
 123                 cdb_free(cdbvisit);
 124                 }
 125         else {
 126                 num_visits = 0;
 127                 visits = NULL;
 128                 }
 129
 130         /* Replace an existing relationship if possible */
 131         if (num_visits > 0) for (a=0; a<num_visits; ++a) {
 132                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 133                    && (visits[a].v_generation == rel_room->QRgen) ) {
 134                         memcpy(&visits[a], newvisit, sizeof(struct visit));
 135                         replaced = 1;
 136                         }
 137                 }
 138
 139         /* Otherwise, define a new one */
 140         if (replaced == 0) {
 141                 ++num_visits;
 142                 visits = realloc(visits,
 143                         (num_visits * sizeof(struct visit)));
 144                 memcpy(&visits[num_visits-1], newvisit, sizeof(struct visit));
 145                 }
 146
 147         /* Now write the relationship back to disk */
 148         cdb_store(CDB_VISIT,
 149                 &rel_user->usernum, sizeof(long),
 150                 visits,
 151                 (num_visits * sizeof(struct visit)));
 152         free(visits);
 153         }
 154
 155 /*
 156  * Locate a relationship between a user and a room
 157  */
 158 void CtdlGetRelationship(struct visit *vbuf,
 159                         struct usersupp *rel_user,
 160                         struct quickroom *rel_room) {
 161
 162         struct cdbdata *cdbvisit;
 163         struct visit *visits;
 164         int num_visits = 0;
 165         int a;
 166
 167         bzero(vbuf, sizeof(struct visit));
 168         strcpy(vbuf->v_roomname, rel_room->QRname);
 169         vbuf->v_generation = rel_room->QRgen;
 170
 171         cdbvisit = cdb_fetch(CDB_VISIT, &rel_user->usernum, sizeof(long));
 172         if (cdbvisit != NULL) {
 173                 num_visits = cdbvisit->len / sizeof(struct visit);
 174                 visits = (struct visit *)
 175                         malloc(num_visits * sizeof(struct visit));
 176                 memcpy(visits, cdbvisit->ptr,
 177                         (num_visits * sizeof(struct visit)));
 178                 cdb_free(cdbvisit);
 179                 }
 180
 181         if (num_visits == 0) return;
 182
 183         for (a=0; a<num_visits; ++a) {
 184
 185                 if ( (!strcasecmp(visits[a].v_roomname, rel_room->QRname))
 186                    && (visits[a].v_generation == rel_room->QRgen) ) {
 187                         memcpy(vbuf, &visits[a], sizeof(struct visit));
 188                         }
 189                 }
 190
 191         free(visits);
 192         }
 193
 194
 195 /*
 196  * Is the user currently logged in an Aide?
 197  */
 198 int is_aide(void) {
 199         if (CC->usersupp.axlevel >= 6) return(1);
 200         else return(0);
 201         }
 202
 203
 204 /*
 205  * Is the user currently logged in an Aide *or* the room aide for this room?
 206  */
 207 int is_room_aide(void) {
 208         if ( (CC->usersupp.axlevel >= 6)
 209            || (CC->quickroom.QRroomaide == CC->usersupp.usernum) ) {
 210                 return(1);
 211                 }
 212         else {
 213                 return(0);
 214                 }
 215         }
 216
 217 /*
 218  * getuserbynumber()  -  get user by number
 219  *                       returns 0 if user was found
 220  */
 221 int getuserbynumber(struct usersupp *usbuf, long int number)
 222 {
 223         struct cdbdata *cdbus;
 224
 225         cdb_rewind(CDB_USERSUPP);
 226
 227         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 228                 bzero(usbuf, sizeof(struct usersupp));
 229                 memcpy(usbuf, cdbus->ptr,
 230                         ( (cdbus->len > sizeof(struct usersupp)) ?
 231                         sizeof(struct usersupp) : cdbus->len) );
 232                 cdb_free(cdbus);
 233                 if (usbuf->usernum == number) {
 234                         return(0);
 235                         }
 236                 }
 237         return(-1);
 238         }
 239
 240
 241 /*
 242  * USER cmd
 243  */
 244 void cmd_user(char *cmdbuf)
 245 {
 246         char username[256];
 247         char autoname[256];
 248         int found_user = 0;
 249         struct passwd *p;
 250         int a;
 251
 252         extract(username,cmdbuf,0);
 253         username[25] = 0;
 254         strproc(username);
 255
 256         if ((CC->logged_in)) {
 257                 cprintf("%d Already logged in.\n",ERROR);
 258                 return;
 259                 }
 260
 261         found_user = getuser(&CC->usersupp,username);
 262         if (found_user != 0) {
 263                 p = (struct passwd *)getpwnam(username);
 264                 if (p!=NULL) {
 265                         strcpy(autoname,p->pw_gecos);
 266                         for (a=0; a<strlen(autoname); ++a)
 267                                 if (autoname[a]==',') autoname[a]=0;
 268                         found_user = getuser(&CC->usersupp,autoname);
 269                         }
 270                 }
 271         if (found_user == 0) {
 272                 if (((CC->nologin)) && (CC->usersupp.axlevel < 6)) {
 273                         cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 274                         ERROR+MAX_SESSIONS_EXCEEDED,
 275                         config.c_nodename,config.c_maxsessions);
 276                         }
 277                 else {
 278                         strcpy(CC->curr_user,CC->usersupp.fullname);
 279                         cprintf("%d Password required for %s\n",
 280                                 MORE_DATA,CC->curr_user);
 281                         }
 282                 }
 283         else {
 284                 cprintf("%d %s not found.\n",ERROR,username);
 285                 }
 286         }
 287
 288
 289
 290 /*
 291  * session startup code which is common to both cmd_pass() and cmd_newu()
 292  */
 293 void session_startup(void) {
 294         int a;
 295         struct quickroom qr;
 296
 297         syslog(LOG_NOTICE,"user <%s> logged in",CC->curr_user);
 298
 299         lgetuser(&CC->usersupp,CC->curr_user);
 300         ++(CC->usersupp.timescalled);
 301         CC->fake_username[0] = '\0';
 302         CC->fake_postname[0] = '\0';
 303         CC->fake_hostname[0] = '\0';
 304         CC->fake_roomname[0] = '\0';
 305         CC->last_pager[0] = '\0';
 306         time(&CC->usersupp.lastcall);
 307
 308         /* If this user's name is the name of the system administrator
 309          * (as specified in setup), automatically assign access level 6.
 310          */
 311         if (!strcasecmp(CC->usersupp.fullname, config.c_sysadm)) {
 312                 CC->usersupp.axlevel = 6;
 313                 }
 314
 315 /* A room's generation number changes each time it is recycled. Users are kept
 316  * out of private rooms or forget rooms by matching the generation numbers. To
 317  * avoid an accidental matchup, unmatched numbers are set to -1 here.
 318  *
 319  * FIX - This can get removed once the new relationships system is in place.
 320  *
 321  */
 322         for (a=0; a<MAXROOMS; ++a) {
 323                 getroom(&qr,a);
 324                 if (CC->usersupp.generation[a] != qr.QRgen)
 325                                         CC->usersupp.generation[a]=(-1);
 326                 if (CC->usersupp.forget[a] != qr.QRgen)
 327                                         CC->usersupp.forget[a]=(-1);
 328                 }
 329
 330         lputuser(&CC->usersupp,CC->curr_user);
 331
 332         /* Run any cleanup routines registered by loadable modules */
 333         PerformSessionHooks(EVT_LOGIN);
 334
 335         cprintf("%d %s|%d|%d|%d|%u|%ld\n",OK,CC->usersupp.fullname,CC->usersupp.axlevel,
 336                 CC->usersupp.timescalled,CC->usersupp.posted,CC->usersupp.flags,
 337                 CC->usersupp.usernum);
 338         usergoto(0,0);          /* Enter the lobby */
 339         rec_log(CL_LOGIN,CC->curr_user);
 340         }
 341
 342
 343 /*
 344  * misc things to be taken care of when a user is logged out
 345  */
 346 void logout(struct CitContext *who)
 347 {
 348         who->logged_in = 0;
 349         if (who->download_fp != NULL) {
 350                 fclose(who->download_fp);
 351                 who->download_fp = NULL;
 352                 }
 353         if (who->upload_fp != NULL) {
 354                 abort_upl(who);
 355                 }
 356
 357         /* Do modular stuff... */
 358         PerformSessionHooks(EVT_LOGOUT);
 359         }
 360
 361
 362 void cmd_pass(char *buf)
 363 {
 364         char password[256];
 365         int code;
 366         struct passwd *p;
 367
 368         extract(password,buf,0);
 369
 370         if ((CC->logged_in)) {
 371                 cprintf("%d Already logged in.\n",ERROR);
 372                 return;
 373                 }
 374         if (!strcmp(CC->curr_user,"")) {
 375                 cprintf("%d You must send a name with USER first.\n",ERROR);
 376                 return;
 377                 }
 378         if (getuser(&CC->usersupp,CC->curr_user)) {
 379                 cprintf("%d Can't find user record!\n",ERROR+INTERNAL_ERROR);
 380                 return;
 381                 }
 382
 383         code = (-1);
 384         if (CC->usersupp.USuid == BBSUID) {
 385                 strproc(password);
 386                 strproc(CC->usersupp.password);
 387                 code = strcasecmp(CC->usersupp.password,password);
 388                 }
 389         else {
 390                 p = (struct passwd *)getpwuid(CC->usersupp.USuid);
 391 #ifdef ENABLE_AUTOLOGIN
 392                 if (p!=NULL) {
 393                         if (!strcmp(p->pw_passwd,
 394                            (char *)crypt(password,p->pw_passwd))) {
 395                                 code = 0;
 396                                 lgetuser(&CC->usersupp, CC->curr_user);
 397                                 strcpy(CC->usersupp.password, password);
 398                                 lputuser(&CC->usersupp, CC->curr_user);
 399                                 }
 400                         }
 401 #endif
 402                 }
 403
 404         if (!code) {
 405                 (CC->logged_in) = 1;
 406                 session_startup();
 407                 }
 408         else {
 409                 cprintf("%d Wrong password.\n",ERROR);
 410                 rec_log(CL_BADPW,CC->curr_user);
 411                 }
 412         }
 413
 414
 415 /*
 416  * Delete a user record *and* all of its related resources.
 417  */
 418 int purge_user(char *pname) {
 419         char filename[64];
 420         struct usersupp usbuf;
 421         int a;
 422         struct cdbdata *cdbmb;
 423         long *mailbox;
 424         int num_mails;
 425
 426         if (getuser(&usbuf, pname) != 0) {
 427                 lprintf(5, "Cannot purge user <%s> - not found\n", pname);
 428                 return(ERROR+NO_SUCH_USER);
 429                 }
 430
 431         /* FIX   Don't delete a user who is currently logged in. */
 432
 433         /* Perform any purge functions registered by server extensions */
 434         PerformUserHooks(usbuf.fullname, usbuf.usernum, EVT_PURGEUSER);
 435
 436         /* delete any messages in the user's mailbox */
 437         cdbmb = cdb_fetch(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 438         if (cdbmb != NULL) {
 439                 num_mails = cdbmb->len / sizeof(long);
 440                 mailbox = (long *) cdbmb->ptr;
 441                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
 442                         cdb_delete(CDB_MSGMAIN, &mailbox[a], sizeof(long));
 443                         }
 444                 cdb_free(cdbmb);
 445                 /* now delete the mailbox itself */
 446                 cdb_delete(CDB_MAILBOXES, &usbuf.usernum, sizeof(long));
 447                 }
 448
 449         /* delete any existing user/room relationships */
 450         cdb_delete(CDB_VISIT, &usbuf.usernum, sizeof(long));
 451
 452         /* delete the userlog entry */
 453         cdb_delete(CDB_USERSUPP, pname, strlen(pname));
 454
 455         /* remove the user's bio file */
 456         sprintf(filename, "./bio/%ld", usbuf.usernum);
 457         unlink(filename);
 458
 459         /* remove the user's picture */
 460         sprintf(filename, "./userpics/%ld.gif", usbuf.usernum);
 461         unlink(filename);
 462
 463         return(0);
 464         }
 465
 466
 467 /*
 468  * create_user()  -  back end processing to create a new user
 469  */
 470 int create_user(char *newusername)
 471 {
 472         struct usersupp usbuf;
 473         int a;
 474         struct passwd *p = NULL;
 475         char username[64];
 476
 477         strcpy(username, newusername);
 478         strproc(username);
 479
 480 #ifdef ENABLE_AUTOLOGIN
 481         p = (struct passwd *)getpwnam(username);
 482 #endif
 483         if (p != NULL) {
 484                 strcpy(username, p->pw_gecos);
 485                 for (a=0; a<strlen(username); ++a) {
 486                         if (username[a] == ',') username[a] = 0;
 487                         }
 488                 CC->usersupp.USuid = p->pw_uid;
 489                 }
 490         else {
 491                 CC->usersupp.USuid = BBSUID;
 492                 }
 493
 494         if (!getuser(&usbuf,username)) {
 495                 return(ERROR+ALREADY_EXISTS);
 496                 }
 497
 498         strcpy(CC->curr_user,username);
 499         strcpy(CC->usersupp.fullname,username);
 500         (CC->logged_in) = 1;
 501
 502         for (a=0; a<MAXROOMS; ++a) {
 503                 CC->usersupp.lastseen[a]=0L;
 504                 CC->usersupp.generation[a]=(-1);
 505                 CC->usersupp.forget[a]=(-1);
 506                 }
 507         strcpy(CC->usersupp.password,"");
 508
 509         /* These are the default flags on new accounts */
 510         CC->usersupp.flags =
 511                 US_NEEDVALID|US_LASTOLD|US_DISAPPEAR|US_PAGINATOR|US_FLOORS;
 512
 513         CC->usersupp.timescalled = 0;
 514         CC->usersupp.posted = 0;
 515         CC->usersupp.axlevel = config.c_initax;
 516         CC->usersupp.USscreenwidth = 80;
 517         CC->usersupp.USscreenheight = 24;
 518         time(&CC->usersupp.lastcall);
 519         strcpy(CC->usersupp.USname, "");
 520         strcpy(CC->usersupp.USaddr, "");
 521         strcpy(CC->usersupp.UScity, "");
 522         strcpy(CC->usersupp.USstate, "");
 523         strcpy(CC->usersupp.USzip, "");
 524         strcpy(CC->usersupp.USphone, "");
 525
 526         /* fetch a new user number */
 527         CC->usersupp.usernum = get_new_user_number();
 528
 529         if (CC->usersupp.usernum == 1L) {
 530                 CC->usersupp.axlevel = 6;
 531                 }
 532
 533         /* add user to userlog */
 534         putuser(&CC->usersupp,CC->curr_user);
 535         if (getuser(&CC->usersupp,CC->curr_user)) {
 536                 return(ERROR+INTERNAL_ERROR);
 537                 }
 538         rec_log(CL_NEWUSER,CC->curr_user);
 539         return(0);
 540         }
 541
 542
 543
 544
 545 /*
 546  * cmd_newu()  -  create a new user account
 547  */
 548 void cmd_newu(char *cmdbuf)
 549 {
 550         int a;
 551         char username[256];
 552
 553         if ((CC->logged_in)) {
 554                 cprintf("%d Already logged in.\n",ERROR);
 555                 return;
 556                 }
 557
 558         if ((CC->nologin)) {
 559                 cprintf("%d %s: Too many users are already online (maximum is %d)\n",
 560                 ERROR+MAX_SESSIONS_EXCEEDED,
 561                 config.c_nodename,config.c_maxsessions);
 562                 }
 563
 564         extract(username,cmdbuf,0);
 565         username[25] = 0;
 566         strproc(username);
 567
 568         if (strlen(username)==0) {
 569                 cprintf("%d You must supply a user name.\n",ERROR);
 570                 return;
 571                 }
 572
 573         a = create_user(username);
 574         if ((!strcasecmp(username, "bbs")) ||
 575             (!strcasecmp(username, "new")) ||
 576             (!strcasecmp(username, ".")))
 577         {
 578            cprintf("%d '%s' is an invalid login name.\n", ERROR);
 579            return;
 580         }
 581         if (a==ERROR+ALREADY_EXISTS) {
 582                 cprintf("%d '%s' already exists.\n",
 583                         ERROR+ALREADY_EXISTS,username);
 584                 return;
 585                 }
 586         else if (a==ERROR+INTERNAL_ERROR) {
 587                 cprintf("%d Internal error - user record disappeared?\n",
 588                         ERROR+INTERNAL_ERROR);
 589                 return;
 590                 }
 591         else if (a==0) {
 592                 session_startup();
 593                 }
 594         else {
 595                 cprintf("%d unknown error\n",ERROR);
 596                 }
 597         rec_log(CL_NEWUSER,CC->curr_user);
 598         }
 599
 600
 601
 602 /*
 603  * set password
 604  */
 605 void cmd_setp(char *new_pw)
 606 {
 607         if (!(CC->logged_in)) {
 608                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 609                 return;
 610                 }
 611         if (CC->usersupp.USuid != BBSUID) {
 612                 cprintf("%d Not allowed.  Use the 'passwd' command.\n",ERROR);
 613                 return;
 614                 }
 615         strproc(new_pw);
 616         if (strlen(new_pw)==0) {
 617                 cprintf("%d Password unchanged.\n",OK);
 618                 return;
 619                 }
 620         lgetuser(&CC->usersupp,CC->curr_user);
 621         strcpy(CC->usersupp.password,new_pw);
 622         lputuser(&CC->usersupp,CC->curr_user);
 623         cprintf("%d Password changed.\n",OK);
 624         rec_log(CL_PWCHANGE,CC->curr_user);
 625         PerformSessionHooks(EVT_SETPASS);
 626         }
 627
 628 /*
 629  * get user parameters
 630  */
 631 void cmd_getu(void) {
 632         if (!(CC->logged_in)) {
 633                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 634                 return;
 635                 }
 636         getuser(&CC->usersupp,CC->curr_user);
 637         cprintf("%d %d|%d|%d\n",
 638                 OK,
 639                 CC->usersupp.USscreenwidth,
 640                 CC->usersupp.USscreenheight,
 641                 (CC->usersupp.flags & US_USER_SET)
 642                 );
 643         }
 644
 645 /*
 646  * set user parameters
 647  */
 648 void cmd_setu(char *new_parms)
 649 {
 650
 651         if (num_parms(new_parms)!=3) {
 652                 cprintf("%d Usage error.\n",ERROR);
 653                 return;
 654                 }
 655         if (!(CC->logged_in)) {
 656                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 657                 return;
 658                 }
 659         lgetuser(&CC->usersupp,CC->curr_user);
 660         CC->usersupp.USscreenwidth = extract_int(new_parms,0);
 661         CC->usersupp.USscreenheight = extract_int(new_parms,1);
 662         CC->usersupp.flags = CC->usersupp.flags & (~US_USER_SET);
 663         CC->usersupp.flags = CC->usersupp.flags |
 664                 (extract_int(new_parms,2) & US_USER_SET);
 665         lputuser(&CC->usersupp,CC->curr_user);
 666         cprintf("%d Ok\n",OK);
 667         }
 668
 669 /*
 670  * set last read pointer
 671  */
 672 void cmd_slrp(char *new_ptr)
 673 {
 674         long newlr;
 675         struct visit vbuf;
 676
 677         if (!(CC->logged_in)) {
 678                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 679                 return;
 680                 }
 681
 682         if (CC->curr_rm < 0) {
 683                 cprintf("%d No current room.\n",ERROR);
 684                 return;
 685                 }
 686
 687         if (!strncasecmp(new_ptr,"highest",7)) {
 688                 newlr = CC->quickroom.QRhighest;
 689 /* FIX ... if the current room is 1 (Mail), newlr needs to be set to the
 690  * number of the highest mail message
 691  */
 692                 }
 693         else {
 694                 newlr = atol(new_ptr);
 695                 }
 696
 697         lgetuser(&CC->usersupp, CC->curr_user);
 698
 699         /* old method - remove */
 700         CC->usersupp.lastseen[CC->curr_rm] = newlr;
 701
 702         /* new method */
 703         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 704         vbuf.v_lastseen = newlr;
 705         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 706
 707         lputuser(&CC->usersupp, CC->curr_user);
 708         cprintf("%d %ld\n",OK,newlr);
 709         }
 710
 711
 712 /*
 713  * INVT and KICK commands
 714  */
 715 void cmd_invt_kick(char *iuser, int op)
 716                         /* user name */
 717         {               /* 1 = invite, 0 = kick out */
 718         struct usersupp USscratch;
 719         char bbb[256];
 720         struct visit vbuf;
 721
 722         if (!(CC->logged_in)) {
 723                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 724                 return;
 725                 }
 726
 727         if (CC->curr_rm < 0) {
 728                 cprintf("%d No current room.\n",ERROR);
 729                 return;
 730                 }
 731
 732         if (is_room_aide()==0) {
 733                 cprintf("%d Higher access required.\n",
 734                         ERROR+HIGHER_ACCESS_REQUIRED);
 735                 return;
 736                 }
 737
 738         /* FIX - with the new relationships scheme we can lock users out,
 739            so it'll make sense to remove this routine */
 740         if ( (op==1) && ((CC->quickroom.QRflags&QR_PRIVATE)==0) ) {
 741                 cprintf("%d Not a private room.\n",ERROR+NOT_HERE);
 742                 return;
 743                 }
 744
 745         if (lgetuser(&USscratch,iuser)!=0) {
 746                 cprintf("%d No such user.\n",ERROR);
 747                 return;
 748                 }
 749
 750         CtdlGetRelationship(&vbuf, &USscratch, &CC->quickroom);
 751
 752         if (op==1) {
 753                 /* old method -- FIX remove this when we're ready */
 754                 USscratch.generation[CC->curr_rm]=CC->quickroom.QRgen;
 755                 USscratch.forget[CC->curr_rm]=(-1);
 756
 757                 /* new method */
 758                 vbuf.v_flags = vbuf.v_flags & ~V_FORGET & ~V_LOCKOUT;
 759                 vbuf.v_flags = vbuf.v_flags | V_ACCESS;
 760                 }
 761
 762         if (op==0) {
 763                 /* old method -- FIX remove this when we're ready */
 764                 USscratch.generation[CC->curr_rm]=(-1);
 765                 USscratch.forget[CC->curr_rm]=CC->quickroom.QRgen;
 766
 767                 /* new method */
 768                 vbuf.v_flags = vbuf.v_flags & ~V_ACCESS;
 769                 vbuf.v_flags = vbuf.v_flags | V_FORGET | V_LOCKOUT;
 770                 }
 771
 772         CtdlSetRelationship(&vbuf, &USscratch, &CC->quickroom);
 773
 774         lputuser(&USscratch,iuser);
 775
 776         /* post a message in Aide> saying what we just did */
 777         sprintf(bbb,"%s %s %s> by %s",
 778                 iuser,
 779                 ((op == 1) ? "invited to" : "kicked out of"),
 780                 CC->quickroom.QRname,
 781                 CC->usersupp.fullname);
 782         aide_message(bbb);
 783
 784         if ((op==0)&&((CC->quickroom.QRflags&QR_PRIVATE)==0)) {
 785                 cprintf("%d Ok. (Not a private room, <Z>ap effect only)\n",OK);
 786                 }
 787         else {
 788                 cprintf("%d Ok.\n",OK);
 789                 }
 790         return;
 791         }
 792
 793
 794 /*
 795  * forget (Zap) the current room
 796  */
 797 void cmd_forg(void) {
 798         struct visit vbuf;
 799
 800         if (!(CC->logged_in)) {
 801                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 802                 return;
 803                 }
 804
 805         if (CC->curr_rm < 0) {
 806                 cprintf("%d No current room.\n",ERROR);
 807                 return;
 808                 }
 809
 810         if (CC->curr_rm < 3) {
 811                 cprintf("%d You cannot forget this room.\n",ERROR+NOT_HERE);
 812                 return;
 813                 }
 814
 815         if (is_aide()) {
 816                 cprintf("%d Aides cannot forget rooms.\n",ERROR);
 817                 return;
 818                 }
 819
 820         lgetuser(&CC->usersupp,CC->curr_user);
 821         CtdlGetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 822
 823         /* old method -- FIX remove this when we're ready */
 824         CC->usersupp.forget[CC->curr_rm] = CC->quickroom.QRgen;
 825         CC->usersupp.generation[CC->curr_rm] = (-1);
 826
 827         /* new method */
 828         vbuf.v_flags = vbuf.v_flags | V_FORGET;
 829
 830         CtdlSetRelationship(&vbuf, &CC->usersupp, &CC->quickroom);
 831         lputuser(&CC->usersupp,CC->curr_user);
 832         cprintf("%d Ok\n",OK);
 833         CC->curr_rm = (-1);
 834         }
 835
 836 /*
 837  * Get Next Unregistered User
 838  */
 839 void cmd_gnur(void) {
 840         struct cdbdata *cdbus;
 841         struct usersupp usbuf;
 842
 843         if (!(CC->logged_in)) {
 844                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 845                 return;
 846                 }
 847
 848         if (CC->usersupp.axlevel < 6) {
 849                 cprintf("%d Higher access required.\n",
 850                         ERROR+HIGHER_ACCESS_REQUIRED);
 851                 return;
 852                 }
 853
 854         if ((CitControl.MMflags&MM_VALID)==0) {
 855                 cprintf("%d There are no unvalidated users.\n",OK);
 856                 return;
 857                 }
 858
 859         /* There are unvalidated users.  Traverse the usersupp database,
 860          * and return the first user we find that needs validation.
 861          */
 862         cdb_rewind(CDB_USERSUPP);
 863         while (cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
 864                 bzero(&usbuf, sizeof(struct usersupp));
 865                 memcpy(&usbuf, cdbus->ptr,
 866                         ( (cdbus->len > sizeof(struct usersupp)) ?
 867                         sizeof(struct usersupp) : cdbus->len) );
 868                 cdb_free(cdbus);
 869                 if ((usbuf.flags & US_NEEDVALID)
 870                    &&(usbuf.axlevel > 0)) {
 871                         cprintf("%d %s\n",MORE_DATA,usbuf.fullname);
 872                         return;
 873                         }
 874                 }
 875
 876         /* If we get to this point, there are no more unvalidated users.
 877          * Therefore we clear the "users need validation" flag.
 878          */
 879
 880         begin_critical_section(S_CONTROL);
 881         get_control();
 882         CitControl.MMflags = CitControl.MMflags&(~MM_VALID);
 883         put_control();
 884         end_critical_section(S_CONTROL);
 885         cprintf("%d *** End of registration.\n",OK);
 886
 887
 888         }
 889
 890
 891 /*
 892  * get registration info for a user
 893  */
 894 void cmd_greg(char *who)
 895 {
 896         struct usersupp usbuf;
 897         int a,b;
 898         char pbuf[32];
 899
 900         if (!(CC->logged_in)) {
 901                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 902                 return;
 903                 }
 904
 905         if (!strcasecmp(who,"_SELF_")) strcpy(who,CC->curr_user);
 906
 907         if ((CC->usersupp.axlevel < 6) && (strcasecmp(who,CC->curr_user))) {
 908                 cprintf("%d Higher access required.\n",
 909                         ERROR+HIGHER_ACCESS_REQUIRED);
 910                 return;
 911                 }
 912
 913         if (getuser(&usbuf,who) != 0) {
 914                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,who);
 915                 return;
 916                 }
 917
 918         cprintf("%d %s\n",LISTING_FOLLOWS,usbuf.fullname);
 919         cprintf("%ld\n",usbuf.usernum);
 920         cprintf("%s\n",usbuf.password);
 921         cprintf("%s\n",usbuf.USname);
 922         cprintf("%s\n",usbuf.USaddr);
 923         cprintf("%s\n%s\n%s\n",
 924                 usbuf.UScity,usbuf.USstate,usbuf.USzip);
 925         strcpy(pbuf,usbuf.USphone);
 926         usbuf.USphone[0]=0;
 927         for (a=0; a<strlen(pbuf); ++a) {
 928                 if ((pbuf[a]>='0')&&(pbuf[a]<='9')) {
 929                         b=strlen(usbuf.USphone);
 930                         usbuf.USphone[b]=pbuf[a];
 931                         usbuf.USphone[b+1]=0;
 932                         }
 933                 }
 934         while(strlen(usbuf.USphone)<10) {
 935                 strcpy(pbuf,usbuf.USphone);
 936                 strcpy(usbuf.USphone," ");
 937                 strcat(usbuf.USphone,pbuf);
 938                 }
 939
 940         cprintf("(%c%c%c) %c%c%c-%c%c%c%c\n",
 941                 usbuf.USphone[0],usbuf.USphone[1],
 942                 usbuf.USphone[2],usbuf.USphone[3],
 943                 usbuf.USphone[4],usbuf.USphone[5],
 944                 usbuf.USphone[6],usbuf.USphone[7],
 945                 usbuf.USphone[8],usbuf.USphone[9]);
 946
 947         cprintf("%d\n",usbuf.axlevel);
 948         cprintf("%s\n",usbuf.USemail);
 949         cprintf("000\n");
 950         }
 951
 952 /*
 953  * validate a user
 954  */
 955 void cmd_vali(char *v_args)
 956 {
 957         char user[256];
 958         int newax;
 959         struct usersupp userbuf;
 960
 961         extract(user,v_args,0);
 962         newax = extract_int(v_args,1);
 963
 964         if (!(CC->logged_in)) {
 965                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
 966                 return;
 967                 }
 968
 969         if (CC->usersupp.axlevel < 6) {
 970                 cprintf("%d Higher access required.\n",
 971                         ERROR+HIGHER_ACCESS_REQUIRED);
 972                 return;
 973                 }
 974
 975         if (lgetuser(&userbuf,user)!=0) {
 976                 cprintf("%d '%s' not found.\n",ERROR+NO_SUCH_USER,user);
 977                 return;
 978                 }
 979
 980         userbuf.axlevel = newax;
 981         userbuf.flags = (userbuf.flags & ~US_NEEDVALID);
 982
 983         lputuser(&userbuf,user);
 984
 985         /* If the access level was set to zero, delete the user */
 986         if (newax == 0) {
 987                 if (purge_user(user)==0) {
 988                         cprintf("%d %s Deleted.\n", OK, userbuf.fullname);
 989                         return;
 990                         }
 991                 }
 992
 993         cprintf("%d ok\n",OK);
 994         }
 995
 996
 997
 998 /*
 999  *  Traverse the user file...
1000  */
1001 void ForEachUser(void (*CallBack)(struct usersupp *EachUser)) {
1002         struct usersupp usbuf;
1003         struct cdbdata *cdbus;
1004
1005         cdb_rewind(CDB_USERSUPP);
1006
1007         while(cdbus = cdb_next_item(CDB_USERSUPP), cdbus != NULL) {
1008                 bzero(&usbuf, sizeof(struct usersupp));
1009                 memcpy(&usbuf, cdbus->ptr,
1010                         ( (cdbus->len > sizeof(struct usersupp)) ?
1011                         sizeof(struct usersupp) : cdbus->len) );
1012                 cdb_free(cdbus);
1013                 (*CallBack)(&usbuf);
1014                 }
1015         }
1016
1017
1018 /*
1019  * List one user (this works with cmd_list)
1020  */
1021 void ListThisUser(struct usersupp *usbuf) {
1022         if (usbuf->axlevel > 0) {
1023                 if ((CC->usersupp.axlevel>=6)
1024                    ||((usbuf->flags&US_UNLISTED)==0)
1025                    ||((CC->internal_pgm))) {
1026                         cprintf("%s|%d|%ld|%ld|%d|%d|",
1027                                 usbuf->fullname,
1028                                 usbuf->axlevel,
1029                                 usbuf->usernum,
1030                                 usbuf->lastcall,
1031                                 usbuf->timescalled,
1032                                 usbuf->posted);
1033                         if (CC->usersupp.axlevel >= 6)
1034                                 cprintf("%s",usbuf->password);
1035                         cprintf("\n");
1036                         }
1037                 }
1038         }
1039
1040 /*
1041  *  List users
1042  */
1043 void cmd_list(void) {
1044         cprintf("%d \n",LISTING_FOLLOWS);
1045         ForEachUser(ListThisUser);
1046         cprintf("000\n");
1047         }
1048
1049
1050 /*
1051  * enter registration info
1052  */
1053 void cmd_regi(void) {
1054         int a,b,c;
1055         char buf[256];
1056
1057         char tmpname[256];
1058         char tmpaddr[256];
1059         char tmpcity[256];
1060         char tmpstate[256];
1061         char tmpzip[256];
1062         char tmpphone[256];
1063         char tmpemail[256];
1064
1065         if (!(CC->logged_in)) {
1066                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1067                 return;
1068                 }
1069
1070         strcpy(tmpname,"");
1071         strcpy(tmpaddr,"");
1072         strcpy(tmpcity,"");
1073         strcpy(tmpstate,"");
1074         strcpy(tmpzip,"");
1075         strcpy(tmpphone,"");
1076         strcpy(tmpemail,"");
1077
1078         cprintf("%d Send registration...\n",SEND_LISTING);
1079         a=0;
1080         while (client_gets(buf), strcmp(buf,"000")) {
1081                 if (a==0) strcpy(tmpname,buf);
1082                 if (a==1) strcpy(tmpaddr,buf);
1083                 if (a==2) strcpy(tmpcity,buf);
1084                 if (a==3) strcpy(tmpstate,buf);
1085                 if (a==4) {
1086                         for (c=0; c<strlen(buf); ++c) {
1087                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1088                                         b=strlen(tmpzip);
1089                                         tmpzip[b]=buf[c];
1090                                         tmpzip[b+1]=0;
1091                                         }
1092                                 }
1093                         }
1094                 if (a==5) {
1095                         for (c=0; c<strlen(buf); ++c) {
1096                                 if ((buf[c]>='0')&&(buf[c]<='9')) {
1097                                         b=strlen(tmpphone);
1098                                         tmpphone[b]=buf[c];
1099                                         tmpphone[b+1]=0;
1100                                         }
1101                                 }
1102                         }
1103                 if (a==6) strncpy(tmpemail,buf,31);
1104                 ++a;
1105                 }
1106
1107         tmpname[29]=0;
1108         tmpaddr[24]=0;
1109         tmpcity[14]=0;
1110         tmpstate[2]=0;
1111         tmpzip[9]=0;
1112         tmpphone[10]=0;
1113         tmpemail[31]=0;
1114
1115         lgetuser(&CC->usersupp,CC->curr_user);
1116         strcpy(CC->usersupp.USname,tmpname);
1117         strcpy(CC->usersupp.USaddr,tmpaddr);
1118         strcpy(CC->usersupp.UScity,tmpcity);
1119         strcpy(CC->usersupp.USstate,tmpstate);
1120         strcpy(CC->usersupp.USzip,tmpzip);
1121         strcpy(CC->usersupp.USphone,tmpphone);
1122         strcpy(CC->usersupp.USemail,tmpemail);
1123         CC->usersupp.flags=(CC->usersupp.flags|US_REGIS|US_NEEDVALID);
1124         lputuser(&CC->usersupp,CC->curr_user);
1125
1126         /* set global flag calling for validation */
1127         begin_critical_section(S_CONTROL);
1128         get_control();
1129         CitControl.MMflags = CitControl.MMflags | MM_VALID ;
1130         put_control();
1131         end_critical_section(S_CONTROL);
1132         cprintf("%d *** End of registration.\n",OK);
1133         }
1134
1135
1136 /*
1137  * assorted info we need to check at login
1138  */
1139 void cmd_chek(void) {
1140         int mail = 0;
1141         int regis = 0;
1142         int vali = 0;
1143
1144         if (!(CC->logged_in)) {
1145                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1146                 return;
1147                 }
1148
1149         getuser(&CC->usersupp,CC->curr_user); /* no lock is needed here */
1150         if ((REGISCALL!=0)&&((CC->usersupp.flags&US_REGIS)==0)) regis = 1;
1151
1152         if (CC->usersupp.axlevel >= 6) {
1153                 get_control();
1154                 if (CitControl.MMflags&MM_VALID) vali = 1;
1155                 }
1156
1157
1158         /* check for mail */
1159         mail = NewMailCount();
1160
1161         cprintf("%d %d|%d|%d\n",OK,mail,regis,vali);
1162         }
1163
1164
1165 /*
1166  * check to see if a user exists
1167  */
1168 void cmd_qusr(char *who)
1169 {
1170         struct usersupp usbuf;
1171
1172         if (getuser(&usbuf,who) == 0) {
1173                 cprintf("%d %s\n",OK,usbuf.fullname);
1174                 }
1175         else {
1176                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1177                 }
1178         }
1179
1180
1181 /*
1182  * enter user bio
1183  */
1184 void cmd_ebio(void) {
1185         char buf[256];
1186         FILE *fp;
1187
1188         if (!(CC->logged_in)) {
1189                 cprintf("%d Not logged in.\n",ERROR+NOT_LOGGED_IN);
1190                 return;
1191                 }
1192
1193         sprintf(buf,"./bio/%ld",CC->usersupp.usernum);
1194         fp = fopen(buf,"w");
1195         if (fp == NULL) {
1196                 cprintf("%d Cannot create file\n",ERROR);
1197                 return;
1198                 }
1199         cprintf("%d  \n",SEND_LISTING);
1200         while(client_gets(buf), strcmp(buf,"000")) {
1201                 fprintf(fp,"%s\n",buf);
1202                 }
1203         fclose(fp);
1204         }
1205
1206 /*
1207  * read user bio
1208  */
1209 void cmd_rbio(char *cmdbuf)
1210 {
1211         struct usersupp ruser;
1212         char buf[256];
1213         FILE *fp;
1214
1215         extract(buf,cmdbuf,0);
1216         if (getuser(&ruser,buf)!=0) {
1217                 cprintf("%d No such user.\n",ERROR+NO_SUCH_USER);
1218                 return;
1219                 }
1220         sprintf(buf,"./bio/%ld",ruser.usernum);
1221
1222         fp = fopen(buf,"r");
1223         if (fp == NULL) {
1224                 cprintf("%d %s has no bio on file.\n",
1225                         ERROR+FILE_NOT_FOUND,ruser.fullname);
1226                 return;
1227                 }
1228         cprintf("%d  \n",LISTING_FOLLOWS);
1229         while (fgets(buf,256,fp)!=NULL) cprintf("%s",buf);
1230         fclose(fp);
1231         cprintf("000\n");
1232         }
1233
1234 /*
1235  * list of users who have entered bios
1236  */
1237 void cmd_lbio(void) {
1238         char buf[256];
1239         FILE *ls;
1240         struct usersupp usbuf;
1241
1242         ls=popen("cd ./bio; ls","r");
1243         if (ls==NULL) {
1244                 cprintf("%d Cannot open listing.\n",ERROR+FILE_NOT_FOUND);
1245                 return;
1246                 }
1247
1248         cprintf("%d\n",LISTING_FOLLOWS);
1249         while (fgets(buf,255,ls)!=NULL)
1250                 if (getuserbynumber(&usbuf,atol(buf))==0)
1251                         cprintf("%s\n",usbuf.fullname);
1252         pclose(ls);
1253         cprintf("000\n");
1254         }
1255
1256
1257 /*
1258  * Administrative Get User Parameters
1259  */
1260 void cmd_agup(char *cmdbuf) {
1261         struct usersupp usbuf;
1262         char requested_user[256];
1263
1264         if ( (CC->internal_pgm==0)
1265            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1266                 cprintf("%d Higher access required.\n",
1267                         ERROR + HIGHER_ACCESS_REQUIRED);
1268                 return;
1269                 }
1270
1271         extract(requested_user, cmdbuf, 0);
1272         if (getuser(&usbuf, requested_user) != 0) {
1273                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1274                 return;
1275                 }
1276
1277         cprintf("%d %s|%s|%u|%d|%d|%d|%ld\n",
1278                 OK,
1279                 usbuf.fullname,
1280                 usbuf.password,
1281                 usbuf.flags,
1282                 usbuf.timescalled,
1283                 usbuf.posted,
1284                 (int)usbuf.axlevel,
1285                 usbuf.usernum);
1286
1287         }
1288
1289
1290
1291 /*
1292  * Administrative Set User Parameters
1293  */
1294 void cmd_asup(char *cmdbuf) {
1295         struct usersupp usbuf;
1296         char requested_user[256];
1297         int np;
1298         int newax;
1299
1300         if ( (CC->internal_pgm==0)
1301            && ( (CC->logged_in == 0) || (is_aide()==0) ) ) {
1302                 cprintf("%d Higher access required.\n",
1303                         ERROR + HIGHER_ACCESS_REQUIRED);
1304                 return;
1305                 }
1306
1307         extract(requested_user, cmdbuf, 0);
1308         if (lgetuser(&usbuf, requested_user) != 0) {
1309                 cprintf("%d No such user.\n", ERROR + NO_SUCH_USER);
1310                 return;
1311                 }
1312
1313         np = num_parms(cmdbuf);
1314         if (np > 1) extract(usbuf.password, cmdbuf, 1);
1315         if (np > 2) usbuf.flags = extract_int(cmdbuf, 2);
1316         if (np > 3) usbuf.timescalled = extract_int(cmdbuf, 3);
1317         if (np > 4) usbuf.posted = extract_int(cmdbuf, 4);
1318         if (np > 5) {
1319                 newax = extract_int(cmdbuf, 5);
1320                 if ((newax >=0) && (newax <= 6)) {
1321                         usbuf.axlevel = extract_int(cmdbuf, 5);
1322                         }
1323                 }
1324
1325         lputuser(&usbuf, requested_user);
1326         if (usbuf.axlevel == 0) {
1327                 if (purge_user(requested_user)==0) {
1328                         cprintf("%d %s deleted.\n", OK, requested_user);
1329                         }
1330                 }
1331         cprintf("%d Ok\n", OK);
1332         }
1333
1334
1335 /*
1336  * Count the number of new mail messages the user has
1337  */
1338 int NewMailCount() {
1339         int num_newmsgs = 0;
1340         struct cdbdata *cdbmb;
1341         int num_mails;
1342         long *mailbox;
1343         int a;
1344
1345         cdbmb = cdb_fetch(CDB_MAILBOXES, &CC->usersupp.usernum, sizeof(long));
1346         if (cdbmb != NULL) {
1347                 num_mails = cdbmb->len / sizeof(long);
1348                 mailbox = (long *) cdbmb->ptr;
1349                 if (num_mails > 0) for (a=0; a<num_mails; ++a) {
1350                         if (mailbox[a] > (CC->usersupp.lastseen[1]))
1351                                 ++num_newmsgs;
1352                         }
1353                 cdb_free(cdbmb);
1354                 }
1355         return(num_newmsgs);
1356         }